Package org.jivesoftware.openfire.net

Class DNSUtil

java.lang.Object
org.jivesoftware.openfire.net.DNSUtil
public class DNSUtil extends Object
Utility class to perform DNS lookups for XMPP services.
Author:
Matt Tucker

  • Field Details

    • DNS_OVERRIDE

      public static final SystemProperty<String> DNS_OVERRIDE
      Specifies custom hostnames or IP addresses (IPv4 or IPv6) and ports for XMPP domains, overriding standard DNS lookups for outgoing server-to-server connections.

  • Constructor Details

    • DNSUtil

      public DNSUtil()

  • Method Details

    • resolveXMPPDomain

      public static List<Set<SrvRecord>> resolveXMPPDomain(String domain, int defaultPort)
      Returns a collection of host names and ports that the specified XMPP domain can be reached at for server-to-server communication. DNS lookups for a SRV records in the form "_xmpp-server._tcp.example.com" and "_xmpps-server._tcp.example.com" are attempted, in line with section 3.2 of XMPP Core and XEP-0368. If those lookup fail to provide any records, a lookup in the older form of "_jabber._tcp.example.com" is attempted since servers that implement an older version of the protocol may be listed using that notation. If that lookup fails as well, it's assumed that the XMPP server lives at the host resolved by a DNS A lookup at the specified domain on the specified default port. As an example, a lookup for "example.com" may return "im.example.com:5269". DNS overrides are evaluated before DNS lookups. Resolution first checks for an exact key match in dnsOverride. If none exists, wildcard entries in the form *.example.org are considered. When multiple wildcard entries match, the most-specific match is selected. If no wildcard entry matches, the special key * is used as a global fallback. The returned collection is a list of sets of host names. The 'inner' collection, the sets of host names, are grouping host names that have an equal 'priority' SRV value. The 'outer' collection, the list, defines the order that's defined by the 'priority' value (lowest first). Generally speaking, all values from the first set of the outer list should be processed, before elements from the next set of that list are to be processed. The Sets that are returned as elements of the list have a predictable iteration order. This order is based on a randomization based on the SRV 'weight' value of each host.
      Parameters:
      domain - the domain.
      defaultPort - default port to return if the DNS look up fails.
      Returns:
      SRV records (grouped by priority) which encompasses the hostname and port that the XMPP server can be reached at for the specified domain.
      See Also:

    • getDnsOverride

      public static Map<String,SrvRecord> getDnsOverride()
      Returns DNS override entries that are checked before DNS SRV lookups. Resolution precedence is exact key match, then most-specific wildcard key in the form *.example.org, then global fallback key *.
      Returns:
      configured DNS override entries, or null when no overrides are configured.

    • getDnsOverrideEntriesByPrecedence

      public static List<Map.Entry<String,SrvRecord>> getDnsOverrideEntriesByPrecedence()
      Returns DNS override entries ordered by resolution precedence. The order is exact domain keys first, wildcard keys in the form *.example.org next (most-specific first), and the global fallback key * last.
      Returns:
      an ordered snapshot of configured DNS override entries, never null.

    • setDnsOverride

      public static void setDnsOverride(Map<String,SrvRecord> dnsOverride)
      Sets DNS override entries that are checked before DNS SRV lookups. Exact keys are matched first. Wildcard keys in the form *.example.org are matched by suffix, preferring the most-specific wildcard when multiple entries match. The key * is a global fallback.
      Parameters:
      dnsOverride - DNS override entries keyed by domain or wildcard pattern.

    • srvLookup

      public static List<SrvRecord> srvLookup(@Nonnull String service, @Nonnull String proto, @Nonnull String name)
      Performs a DNS SRV lookup. Does not take into account any DNS overrides configured in this class. The results returned by this method are ordered by priority (ascending), and order of equal priority entries is randomized by weight, as defined in the DNS SRV specification.
      Parameters:
      service - the symbolic name of the desired service.
      proto - the transport protocol of the desired service; this is usually either TCP or UDP.
      name - the domain name for which this record is valid.
      Returns:
      An ordered list of results (possibly empty, never null).

    • isNameCoveredByPattern

      public static boolean isNameCoveredByPattern(String name, String pattern)
      Checks if the provided DNS pattern matches the provided name. For example, this method will: return true for name: xmpp.example.org, pattern: *.example.org return false for name: xmpp.example.org, pattern: example.org return false for name: notexample.org, pattern: *.example.org return true for name: xmpp.example.org, pattern: *.xmpp.example.org (certificate edge case) Note: This method includes special handling for certificate compatibility where a domain name can match a wildcard pattern for that same domain (e.g., xmpp.example.org matches *.xmpp.example.org). While this behavior is non-standard for DNS wildcards, it is required for Openfire's certificate management functionality. This method is not case-sensitive.
      Parameters:
      name - The name to check against a pattern (cannot be null or empty).
      pattern - the pattern (cannot be null or empty).
      Returns:
      true when the name is covered by the pattern, otherwise false.
      Throws:
      IllegalArgumentException - if either name or pattern is null or empty.